open-vault/command/read.go

package command

import (
	"fmt"
	"io"
	"os"
	"strings"

	"github.com/mitchellh/cli"
	"github.com/posener/complete"
)

var (
	_ cli.Command             = (*ReadCommand)(nil)
	_ cli.CommandAutocomplete = (*ReadCommand)(nil)
)

type ReadCommand struct {
	*BaseCommand

	testStdin io.Reader // for tests
}

func (c *ReadCommand) Synopsis() string {
	return "Read data and retrieves secrets"
}

func (c *ReadCommand) Help() string {
	helpText := `
Usage: vault read [options] PATH

  Reads data from Vault at the given path. This can be used to read secrets,
  generate dynamic credentials, get configuration details, and more.

  Read a secret from the static secrets engine:

      $ vault read secret/my-secret

  For a full list of examples and paths, please see the documentation that
  corresponds to the secrets engine in use.

` + c.Flags().Help()

	return strings.TrimSpace(helpText)
}

func (c *ReadCommand) Flags() *FlagSets {
	return c.flagSet(FlagSetHTTP | FlagSetOutputField | FlagSetOutputFormat)
}

func (c *ReadCommand) AutocompleteArgs() complete.Predictor {
	return c.PredictVaultFiles()
}

func (c *ReadCommand) AutocompleteFlags() complete.Flags {
	return c.Flags().Completions()
}

func (c *ReadCommand) Run(args []string) int {
	f := c.Flags()

	if err := f.Parse(args); err != nil {
		c.UI.Error(err.Error())
		return 1
	}

	args = f.Args()
	switch {
	case len(args) < 1:
		c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args)))
		return 1
	}

	client, err := c.Client()
	if err != nil {
		c.UI.Error(err.Error())
		return 2
	}

	// Pull our fake stdin if needed
	stdin := (io.Reader)(os.Stdin)
	if c.testStdin != nil {
		stdin = c.testStdin
	}

	path := sanitizePath(args[0])

	data, err := parseArgsDataStringLists(stdin, args[1:])
	if err != nil {
		c.UI.Error(fmt.Sprintf("Failed to parse K=V data: %s", err))
		return 1
	}

	secret, err := client.Logical().ReadWithData(path, data)
	if err != nil {
		c.UI.Error(fmt.Sprintf("Error reading %s: %s", path, err))
		return 2
	}
	if secret == nil {
		c.UI.Error(fmt.Sprintf("No value found at %s", path))
		return 2
	}

	if c.flagField != "" {
		return PrintRawField(c.UI, secret, c.flagField)
	}

	return OutputSecret(c.UI, secret)
}
command/get,put 2015-03-04 19:08:13 +00:00			`package command`

			`import (`
command/read 2015-03-16 03:52:28 +00:00			`"fmt"`
Add support for passing args via `vault read` (#5093) We support this in the API as of 0.10.2 so read should support it too. Trivially tested with some log info: `core: data: data="map[string]interface {}{"zip":[]string{"zap", "zap2"}}"` 2018-08-14 02:00:26 +00:00			`"io"`
			`"os"`
command/get,put 2015-03-04 19:08:13 +00:00			`"strings"`
Add list capability, which will work with the generic and cubbyhole backends for the moment. This is pretty simple; it just adds the actual capability to make a list call into both the CLI and the HTTP handler. The real meat was already in those backends. 2015-09-14 19:42:12 +00:00
Update read command 2017-09-05 04:03:36 +00:00			`"github.com/mitchellh/cli"`
Add basic autocompletion (#3223) * Add basic autocompletion * Add autocomplete to some common commands * Autocomplete the generate-root flags * Add information about autocomplete to the docs 2017-08-24 22:23:40 +00:00			`"github.com/posener/complete"`
command/get,put 2015-03-04 19:08:13 +00:00			`)`

Run a more strict formatter over the code (#11312) * Update tooling * Run gofumpt * go mod vendor 2021-04-08 16:43:39 +00:00			`var (`
			`_ cli.Command = (*ReadCommand)(nil)`
			`_ cli.CommandAutocomplete = (*ReadCommand)(nil)`
			`)`
Update read command 2017-09-05 04:03:36 +00:00
command/write 2015-03-16 03:35:33 +00:00			`type ReadCommand struct {`
Update read command 2017-09-05 04:03:36 +00:00			`*BaseCommand`
Add support for passing args via `vault read` (#5093) We support this in the API as of 0.10.2 so read should support it too. Trivially tested with some log info: `core: data: data="map[string]interface {}{"zip":[]string{"zap", "zap2"}}"` 2018-08-14 02:00:26 +00:00
			`testStdin io.Reader // for tests`
Update read command 2017-09-05 04:03:36 +00:00			`}`

			`func (c *ReadCommand) Synopsis() string {`
Update read command 2017-09-08 02:00:30 +00:00			`return "Read data and retrieves secrets"`
Update read command 2017-09-05 04:03:36 +00:00			`}`

			`func (c *ReadCommand) Help() string {`
			helpText := `
			`Usage: vault read [options] PATH`

			`Reads data from Vault at the given path. This can be used to read secrets,`
			`generate dynamic credentials, get configuration details, and more.`

Update read command 2017-09-08 02:00:30 +00:00			`Read a secret from the static secrets engine:`
Update read command 2017-09-05 04:03:36 +00:00
			`$ vault read secret/my-secret`

			`For a full list of examples and paths, please see the documentation that`
Update read command 2017-09-08 02:00:30 +00:00			`corresponds to the secrets engine in use.`
Update read command 2017-09-05 04:03:36 +00:00
			` + c.Flags().Help()

			`return strings.TrimSpace(helpText)`
			`}`

			`func (c ReadCommand) Flags() FlagSets {`
			`return c.flagSet(FlagSetHTTP \| FlagSetOutputField \| FlagSetOutputFormat)`
			`}`

			`func (c *ReadCommand) AutocompleteArgs() complete.Predictor {`
			`return c.PredictVaultFiles()`
			`}`

			`func (c *ReadCommand) AutocompleteFlags() complete.Flags {`
			`return c.Flags().Completions()`
command/get,put 2015-03-04 19:08:13 +00:00			`}`

command/write 2015-03-16 03:35:33 +00:00			`func (c *ReadCommand) Run(args []string) int {`
Update read command 2017-09-05 04:03:36 +00:00			`f := c.Flags()`

			`if err := f.Parse(args); err != nil {`
			`c.UI.Error(err.Error())`
command/get,put 2015-03-04 19:08:13 +00:00			`return 1`
			`}`

Update read command 2017-09-05 04:03:36 +00:00			`args = f.Args()`
Update read command 2017-09-08 02:00:30 +00:00			`switch {`
			`case len(args) < 1:`
			`c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args)))`
command/read 2015-03-16 03:52:28 +00:00			`return 1`
cmomand/read: strip path prefix if necessary. Fixes #343 2015-06-18 01:33:15 +00:00			`}`
command/read 2015-03-16 03:52:28 +00:00
			`client, err := c.Client()`
			`if err != nil {`
Update read command 2017-09-05 04:03:36 +00:00			`c.UI.Error(err.Error())`
command/read 2015-03-16 03:52:28 +00:00			`return 2`
			`}`

Add support for passing args via `vault read` (#5093) We support this in the API as of 0.10.2 so read should support it too. Trivially tested with some log info: `core: data: data="map[string]interface {}{"zip":[]string{"zap", "zap2"}}"` 2018-08-14 02:00:26 +00:00			`// Pull our fake stdin if needed`
			`stdin := (io.Reader)(os.Stdin)`
			`if c.testStdin != nil {`
			`stdin = c.testStdin`
			`}`

Update read command 2017-09-08 02:00:30 +00:00			`path := sanitizePath(args[0])`

Add support for passing args via `vault read` (#5093) We support this in the API as of 0.10.2 so read should support it too. Trivially tested with some log info: `core: data: data="map[string]interface {}{"zip":[]string{"zap", "zap2"}}"` 2018-08-14 02:00:26 +00:00			`data, err := parseArgsDataStringLists(stdin, args[1:])`
			`if err != nil {`
			`c.UI.Error(fmt.Sprintf("Failed to parse K=V data: %s", err))`
			`return 1`
			`}`

			`secret, err := client.Logical().ReadWithData(path, data)`
command/read 2015-03-16 03:52:28 +00:00			`if err != nil {`
Update read command 2017-09-05 04:03:36 +00:00			`c.UI.Error(fmt.Sprintf("Error reading %s: %s", path, err))`
			`return 2`
command/read 2015-03-16 03:52:28 +00:00			`}`
command/read: handle 404s 2015-04-19 05:05:08 +00:00			`if secret == nil {`
Update read command 2017-09-05 04:03:36 +00:00			`c.UI.Error(fmt.Sprintf("No value found at %s", path))`
			`return 2`
command/read: handle 404s 2015-04-19 05:05:08 +00:00			`}`
command/read 2015-03-16 03:52:28 +00:00
Update read command 2017-09-05 04:03:36 +00:00			`if c.flagField != "" {`
			`return PrintRawField(c.UI, secret, c.flagField)`
Add ability to read raw field from secret 2015-05-22 18:28:23 +00:00			`}`

CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format 2018-02-12 23:12:16 +00:00			`return OutputSecret(c.UI, secret)`
Add basic autocompletion (#3223) * Add basic autocompletion * Add autocomplete to some common commands * Autocomplete the generate-root flags * Add information about autocomplete to the docs 2017-08-24 22:23:40 +00:00			`}`